Creating a security risk framework that makes banking safer.

Overview

Mobile and online banking are growing. Fast. But so are threats to IT and network security. With members using more digital services along with traditional channels, Debra Bailey, Nationwide’s CIO, wanted to take a fresh look at threat management.

Looking for expertise, Debra turned to us. Based on a long foundation of trust, and our solid track record, we joined forces. Together, we’re protecting Nationwide – now and in the future. Because keeping Nationwide’s members and their information assets secure is as important as ever.

The challenge

In the world of retail banking, more people than ever are turning to mobile and online apps to manage their money. That gave Nationwide an opportunity to give customers more personalised services on the move. And now, with us, it’s working harder than ever to make those services secure.

Debra Bailey, CIO, says: “With more of our services available digitally, it’s really important we help members protect their data. For a while now at Nationwide, our executive board has had an intense focus on this area.”

It’s not only banks who are trying to tackle the threat landscape. The UK government is also trying to coordinate intelligence sharing in the industry. But on the front line, it’s banks that have the ultimate responsibility. The danger is real, and it’s changing and getting more intense all the time.

To cope with a shifting threat landscape, Nationwide needed an approach that wasn’t just rigorous. It had to be agile, too.

The solution

Nationwide awarded us a six‐year contract. It covers all aspects of IT and network security, combining tried and tested methods with a new, dynamic way of working. Together, we discuss every security development – in the bank, the industry and worldwide – to see if it calls for a change in process. Nothing is too small.

Our service covers every aspect of Nationwide's security – from design and implementation to 24-hour proactive and reactive monitoring. We brought together products and services from lots of leading providers to make sure security's covered at every level.

The Financial Conduct Authority and Prudential Regulation Authority are testing security controls and technologies together. As Nationwide’s security partner, we have to satisfy both our own quality criteria and industry standards – like ISO 20000 service management accreditation – while developing and maintaining comprehensive ITIL based services.

Nationwide and BT have a long relationship. A solid cultural fit and strong mutual trust mean the Nationwide executive board feels confident that we have the skills and resources needed. “We’re reassured by the deep expertise BT shows in securing its own global network and those of other large organisations and government agencies,” says Debra Bailey.

The world’s largest building society teams up with BT to protect its assets from the threat landscape.

The result

For the first time, our operational teams are permanently based in Nationwide’s enterprise command centre. Nationwide has focused its security strategy to deal with the changing nature of threats facing the retail banking industry, and IT organisations in general. And we’re supporting this by helping to create an environment that will outsmart today’s would‐be attackers – and be ready for whatever happens in the future.

Nationwide expects its new security strategy and operational model to grow and evolve rapidly. This allows it to be flexible and responsive in delivering more secure and better digital services to its customers.

Meet the experts

Want to know more? Connect with our team of digital transformation specialists.